Same story - different wording. This article is blaming the protocol and not the implementation "The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations" https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
-----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Chuck Anderson Sent: Monday, October 16, 2017 3:08 PM To: [email protected] Subject: Re: [WIRELESS-LAN] Big flaw in WPA2 It isn't a design flaw. It is an implementation flaw that everyone did wrong because the spec didn't address the need to be careful about it. Read this Aruba FAQ, it is helpful to address these sorts of questions: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf On Mon, Oct 16, 2017 at 06:57:57PM +0000, Mike Cunningham wrote: > If this is a flaw in the design of the WPA2 protocol isn't the fix going to > need to be made on both sides of the communication link? Access points will > all need to be updated but also all client wifi drivers are going to need to > be updated on all wifi enabled devices that support WPA2, right? > > Mike Cunningham > > > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:[email protected]] On Behalf Of Stephen > Belcher > Sent: Monday, October 16, 2017 10:40 AM > To: [email protected] > Subject: Re: [WIRELESS-LAN] Big flaw in WPA2 > > > >From Cisco: > > > > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ > cisco-sa-20171016-wpa > > > > > > / Stephen Belcher > > Assistant Director of Network Operations WVU Information Technology > Services > > One Waterfront Place / PO Box 6500 > > Morgantown, WV 26506 > > > > (304) 293-8440 office > (681) 214-3389 mobile > [email protected]<mailto:[email protected]> > > ________________________________ > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > <[email protected]<mailto:[email protected] > USE.EDU>> on behalf of Richard Nedwich > <[email protected]<mailto:[email protected]>> > Sent: Monday, October 16, 2017 10:34:43 AM > To: > [email protected]<mailto:[email protected] > SE.EDU> > Subject: Re: [WIRELESS-LAN] Big flaw in WPA2 > > Ruckus is providing a response today. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ________________________________ This email may contain confidential information about a Pennsylvania College of Technology student. It is intended solely for the use of the recipient. This email may contain information that is considered an “educational record” subject to the protections of the Family Educational Rights and Privacy Act Regulations. The regulations may be found at 34 C.F.R. Part 99 for your reference. The recipient may only use or disclose the information in accordance with the requirements of the Federal Educational Rights and Privacy Act Regulations. If you have received this transmission in error, please notify the sender immediately and permanently delete the email. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
